To Deal With Technology Risk, Focus on Resilience

Have you noticed how people are talking more about risk these days? Not surprising, given the spectacular nature of recent hacks. Even reinsurers express worry: in a poll last fall, 40% ranked cyberattacks as the most threatening emerging risk of 2015.

Yet, cyberattacks threatening your systems’ security and your data’s privacy are only part of a much larger risk problem. This greater scope of risk is more about effect than cause – if you contain your risk strategy solely to cyberattacks, you’ll leave yourself exposed on other fronts.

Much of today’s corporate risk comes from the rapid digitization of a broad range of business processes, creating new kinds of risks beyond the scope of traditional, siloed IT systems. From the hyper-connectivity required by cloud services, mobile devices, and collaboration tools to virtualized data centers, software-defined networks, big-data cleanup/analytics, and a whole lot more, each ‘digitization’ brings with it new dimensions of vulnerability that test an enterprise’s resilience.

What you’re really risking

These days, technologies evolve in complexity so rapidly that you may have a tough time recognizing the kinds of technology risks that translate to serious business threats.

Do you know, for instance, how well your data backup systems are working, and which of your operations will continue functioning if data is lost for a day, a week, forever? What happens if your data transmission protocols don’t comply with privacy rules affecting your business — and it’s discovered by a regulator? How long will your customers tolerate your Internet absence when your complex virtualized data center goes dark and stays that way?

Answering for these sorts of issues after-the-fact can devastate an enterprise, and that is why it’s so important that you manage technology risks (read: business threats) proactively.

Proactive risk management can save you money and boost business resilience. Recently, one Quest customer had us come in to assess their disaster recovery (DR) preparedness and develop a new business continuity plan as they prepared to launch their second data center. When our engineers showed them what a new data center would require to completely meet their needs, they opted instead for a DR-as-a-Service (DRaaS) capability that cost less and improved their cybersecurity stance.